LinkedIn takes to Twitter to update media and consumers on data breach

Data breach: 6.5 million LinkedIn passwords have been posted online
When news broke yesterday of a massive data breach at LinkedIn, in which a file containing 6.5 million passwords was posted online, the company took to fellow social media network Twitter to update both the press and consumers.

Its first tweet stated: ‘Our team is currently looking into reports of stolen passwords. Stay tuned for more.’

LinkedIn later posted: ‘Our team continues to investigate, but at this time, we're still unable to confirm that any security breach has occurred. Stay tuned here.’

The indirect approach to communicating about the breach and a lack of a formal statement led the media to seek advice from security experts rather than LinkedIn professionals. IT security and data protection firm Sophos was quoted widely and urged users to change their security details immediately. The press was also quick to state LinkedIn had refused to comment.

The security scare has caused fresh embarrassment for the site after privacy concerns were raised about its iPhone and iPad apps, which were found to transmit users’ meeting notes back to LinkedIn servers without their permission.

LinkedIn declined to comment on its comms handling, directing PRWeek to a blog post late last night.

In the post Silveira admitted passwords belonging to ‘some’ of its members had been compromised and that they were ‘continuing to investigate this situation’. This was the first admission from the company that security had been breached.

The blog detailed how those affected would be contacted and asked to change their passwords. It also took the opportunity to communicate its recent ‘enhanced security’ which ‘includes hashing and salting [which makes passwords harder to crack] of our current password databases’.

Silveira also stated: ‘We sincerely apologise for the inconvenience this has caused our members. We take the security of our members very seriously.’